Digital Forensics & Data Analysis 101: Course Contents | ALC Training News

MODULE 1: FORENSICS AND DIGITAL FORENSICS
  • What is Forensic Science
  • The role of Forensic Science in the Legal System
  • Why it is important to understand forensic evidence
  • Identifying Forensic Traces
MODULE 2: DIGITAL FORENSIC PRINCIPLES
  • Introduction and Discussion
MODULE 3: HARDWARE PRINCIPLES
  • Desktops, laptops, and other devices with operating systems
  • Boot Process
  • Forensic Boot
MODULE 4: STORAGE MEDIA PRINCIPLES
  • Different types of Digital Storage Devices and Media
  • Introduction to data organisation (file systems and data structures)
  • Remote / Network / Cloud Storage
MODULE 5: OPERATING SYSTEMS
  • What is an Operating System
  • Different types of Operating Systems
  • Common OS forensic artefacts
  • Application Software
MODULE 6: DATA PRESERVATION PRINCIPLES
  • Different types of Hardware Write Blocking and Imaging Devices
  • Software Write Blocking Applications
  • The importance of testing and verification of DF tools
MODULE 7: MANAGING DIGITAL EVIDENCE AT THE CRIME SCENE
  • What is a Digital Forensic Crime Scene
  • Prepare before attending the Crime Scene
  • DF team member and the warrant holder
  • Interviewing suspects in relation to digital evidence
  • How to control the Digital Forensic Crime Scene
  • The importance of the forensic approach when processing Digital Evidence
  • Protect and manage digital evidence at the crime scene
  • Document digital evidence at the crime scene
  • Process a crime scene involving digital evidence and perform a preliminary survey
  • Introduction to Digital Forensic Triage
  • Develop a plan for successful triage of digital evidence
MODULE 8: THE ACQUISITION PROCESS
  • Digital evidence collection
  • How to prepare/sterilise Target Media
  • What is a Forensic Image and what is a Clone
  • Different types of Forensic Image Formats
  • Perform basic imaging
  • Data collection
  • Practical Exercises
  • Prepare target media
  • Test and verify DF tools
  • Imaging
  • Cloning
  • Data Containers
  • Targeted Collections
  • Authentication
MODULE 9: DIGITAL FORENSIC TRIAGE
  • The theory of DFT
  • Using different tools to perform DF Triage
  • Triaging of storage devices
  • Prioritising devices for Live examination and collection (Volatility Risk Assessment)
  • Triaging of computer systems and smart devices
  • Windows
  • Apple
  • Android
  • How to Identify “Hot Zones” for effective DFT on powered on systems
  • Live DFT Workflow
  • DFT and RAM
  • Identify Encrypted structures (Volumes, Folders…)
  • BitLocker
  • Specialities of Apple devices
MODULE 10: OHS AND OFFICER SAFETY
  • How to identify and manage individual and environmental threats to an officer’s safety
  • How to deploy proper procedures and tactics to ensure personal safety as well as the safety of others at the electronic crime scene
MODULE 11: DIGITAL EVIDENCE IN COURT
  • Introduction
MODULE 12: MOBILE DEVICE TECHNOLOGY OVERVIEW: CELLEBRITE UFED FIELD OPERATOR (CUFO)
  • Mobile Device Technology Overview
  • Data Locations
  • Forensic Handling of Mobile Devices
  • UFED Kiosk Tour
  • SIM Extraction with UFED Kiosk
  • Mobile Device Extraction with UFED Kiosk
  • SD Card Extractions with UFED Kiosk
  • Viewing Data using the UFED Kiosk

Jes Irving